Using a trusted execution environment for a cryptographic key wrapping scheme that verifies remote device capabilities

ABSTRACT

The technology disclosed herein provides a cryptographic key wrapping system for verifying device capabilities. An example method may include: accessing, by a processing device, a wrapped key that encodes a cryptographic key; executing, by the processing device in a trusted execution environment, instructions to derive the cryptographic key in view of the wrapped key, wherein the executing to derive the cryptographic key comprises a task that consumes computing resources for a duration of time; using the cryptographic key to access program data; executing, by the processing device, the program data, wherein the executed program data evaluates a condition related to the duration of time; and transmitting a message comprising an indication of the evaluated condition.

RELATED APPLICATIONS

The present application is a continuation of application Ser. No. 16/695,869, filed Nov. 26, 2019, entitled “USING A TRUSTED EXECUTION ENVIRONMENT FOR A PROOF-OF-WORK KEY WRAPPING SCHEME THAT VERIFIES REMOTE DEVICE CAPABILITIES” which is incorporated by reference herein.

TECHNICAL FIELD

The present disclosure generally relates to a cryptographic system for verifying computing resources of a computing device, and is more specifically related to a proof-of-work key wrapping mechanism that encrypts a cryptographic key and verifies the ability of the computing device to derive the cryptographic key.

BACKGROUND

Computers often use cryptographic techniques to restrict access to content. The cryptographic techniques may involve generating a secret key that is used by a device to access the content. The secret key may be something as simple as a passcode or something more complex, such as a cryptographic token. The device may use the secret key as input to a locking mechanism to gain access to the content. The locking mechanism may involve a cryptographic function and the device may use the secret key as input when executing the cryptographic function. If the secret key is correct, the cryptographic function will enable access to the content and if the secret key is incorrect, the cryptographic function will not enable access to the content.

In a simple example, the secret key may be used with the cryptographic function to encrypt content and may be subsequently used to decrypt the content to enable a device to access the content. The secret key may be transmitted between computing devices and before transmission the secret key may be encrypted to avoid the secret key from being compromised during transmission. The process of encrypting the secret key may be referred to as key wrapping and the resulting encrypted secret key may be referred to as a wrapped key.

BRIEF DESCRIPTION OF THE DRAWINGS

The present disclosure is illustrated by way of examples, and not by way of limitation, and may be more fully understood with references to the following detailed description when considered in connection with the figures, in which:

FIG. 1 depicts a high-level block diagram of an example computing environment that uses a proof-of-work key wrapping system, in accordance with one or more aspects of the present disclosure;

FIG. 2 depicts a block diagram of an example computing device with one or more components and modules for configuring a proof-of-work key wrapping task, in accordance with one or more aspects of the present disclosure;

FIG. 3 depicts a block diagram of an example computing device with one or more components and modules to perform a proof-of-work key wrapping task to derive a key from a wrapped key, in accordance with one or more aspects of the present disclosure;

FIG. 4 depicts another example computing environment that may use a proof-of-work key wrapping task to verify characteristics of a computing device, in accordance with one or more aspects of the present disclosure;

FIG. 5 depicts a block diagram of a proof-of-work key wrapping system that replaces the access key, wrapping key, and/or wrapped key with a set of corresponding keys, in accordance with one or more aspects of the present disclosure;

FIG. 6A depicts a block diagram of a key deriving process for deriving independent keys in parallel, in accordance with one or more aspects of the present disclosure;

FIG. 6B depicts a block diagram of a key deriving process for deriving integrated keys serially, in accordance with one or more aspects of the present disclosure;

FIG. 7 depicts a flow diagram of an example method for executing a proof-of-work key wrapping system to cryptographically verify computing resources of a computing device, in accordance with one or more aspects of the present disclosure;

FIG. 8 depicts a block diagram of an example computer system in accordance with one or more aspects of the present disclosure;

FIG. 9 depicts a flow diagram of another example method for executing a proof-of-work key wrapping system to cryptographically verify computing resources of a computing device, in accordance with one or more aspects of the present disclosure;

FIG. 10 depicts a block diagram of an illustrative computing device operating in accordance with the examples of the present disclosure.

DETAILED DESCRIPTION

Many computing environments are configured to provide on-demand availability of computing resources to consumers without direct management by the consumers. This configuration may be referred to as cloud computing because the computing resources may be hosted by an entity and made available to multiple consumers over the internet, which is often represented as a cloud. The entity that consumes the computing resources may be different from the entity hosting the computing resources. The hosting entity may provide the computing resources using a pool of collocated or distributed computing devices (e.g., data center or distributed system), one or more individual computing devices (e.g., edge servers or desktops), or a combination thereof. The consuming entity may provide input data (e.g., code or configurations) that enable the computing resources of the hosting entity to execute computing tasks on behalf of the consuming entity. The hosting entity may indicate attributes of the computing resources that are available for consumption or have been consumed by the computing tasks and may or may not receive compensation from the consuming entity.

The computing environments that host the computing resources are often very complex and the consuming entity may want the ability to verify that the computing resources are capable of meeting the expectations of the consuming entity before the computing task is executed. Verifying the availability or capacity of the computing resources may be important because the compensation may be based on the computing resources or there may be a minimum amount of computing resources needed to successfully execute the computing task. The computing resources may fail to satisfy the expectations of the consuming entity for a variety of reasons. For example, the computing resources may have be incorrectly advertised, over utilized, improperly configured, maliciously compromised, other reason, or a combination thereof.

Aspects of the present disclosure address the above and other deficiencies by providing technology that integrates a cryptographic key wrapping system with a proof-of-work system to verify computing resources of a recipient computing device. The proof-of-work system may function as a computational puzzle that may be solved by the recipient computing device. In one example, the technology may generate a cryptographic key and may encrypt the cryptographic key to produce a wrapped key. The wrapped key may be provided to a recipient computing device without an unwrapping key and the content of the cryptographic key may remain hidden until the recipient computing device can derive the cryptographic key in view of the wrapped key.

The manner in which the cryptographic key is wrapped (e.g., strength of encryption) and any hints for breaching the wrapped key may be selected so that the process of deriving the cryptographic key from the wrapped key functions as a proof-of-work task (e.g., a computational puzzle). The proof-of-work task can be configured so that it will consume a particular amount of computing resources (e.g., processor cycles, input/output (I/O) operations). The result of the proof-of-work task may be the original cryptographic key or an unwrap key that can be used to expose the original cryptographic key.

The wrapping of the cryptographic key and the hints for deriving the cryptographic key (e.g., breaching the wrapped key) may be based on one or more cryptographic attributes. The cryptographic attributes may be selected to cause the recipient computing device to consume a quantity of a particular computing resource (e.g., processor, memory, disk, network) or take a particular amount of time to derive the cryptographic key from the wrapped key (e.g., complete the proof-of-work task). The cryptographic attributes may be selected by the device wrapping the cryptographic key or by another device that provides the cryptographic attributes to the device wrapping the cryptographic key (e.g., task scheduler or management device). The cryptographic attributes may be selected based on the computing resources of a recipient computing device. The actual recipient computing device may be unknown at the time of wrapping the key and the selection may be based on an approximation of computing resources of intended recipient computing devices. The cryptographic attributes may correspond to attributes for generating access keys, wrapping keys, candidate keys, other operation, or a combination thereof. In one example, the cryptographic attributes may correspond to one or more key lengths, cryptographic functions, salt values, other attribute, or a combination thereof

The technology discussed herein may verify the capabilities of a recipient computing device by using a proof-of-work key wrapping scheme that targets particular characteristics of the recipient computing device. The recipient computing device may be the computing device that will host the code or configuration of a consuming entity. The characteristics may relate to any computing resource of the recipient computing device and may include one or more aspects of processing devices (e.g., operations per second), memory devices (e.g., memory space or IO), storage devices (e.g., read/write speed or storage availability), network devices (e.g., bandwidth), other devices, or a combination thereof. The selection of the cryptographic attributes may cause the process of breaching the wrapped key to consume a particular quantity of computing resources. By further incorporating a time determination feature, the technology may determine how long the breaching takes and therefore calculate a rate of the computing resources (e.g., rate =quantity/time). The rate of the computing resources may be used to quantify the performance of the computing resources and may be compared to one or more predetermined threshold values to detect whether the recipient computing device satisfies a threshold (e.g., threshold value). The threshold may be based on a value advertised by a provider of computing resources or a value requested by a consumer of the computing resources. The proof-of-work wrapping may be used to verify the capabilities of any computing device hosting the code or configuration of the consumer and the computing device being verified may correspond to a cloud computing device (e.g., host machine, virtual machine, container), a distributed computing device (e.g., edge computing node), an end user device (e.g., smart phone, laptop), internet of things device (e.g., smart speaker), other computing device, or a combination thereof.

The technology discussed herein may execute the proof of work task within a trusted execution environment (TEE) of the recipient computing device to reduce the ability of the recipient computing device to exploit the verification mechanism. There are many ways that the verification mechanism can be exploited (e.g., compromised, undermined, avoided, gamed, cheated, hacked, etc.). In one example, the recipient computing device may inspect incoming data to determine that it is a proof of work task and assign or reallocate computing resources to ensure that the proof of work task is done more quickly than other tasks. In another example, the recipient computing device may inspect the data of the proof of work task and compare it to past tests to reduce the complexity and solve the proof of work task more quickly. In these and other examples, the trusted execution environment (TEE) may reduce the exploitability because the TEE may be provided by a security enhanced processor that increases the confidentiality and integrity of data of a process or machine from other processes executing on the same processor. The processor may increase confidentiality of the data by associating the process with an encrypted memory region (e.g., enclave) and by encrypting the data for the process and not for any other processes.

The systems and methods described herein include technology provide many advantages. In particular, an of the proof-of-work key wrapping system is that the settings for the proof-of-work (e.g., cryptographic attributes) may be selected to be specific to a class of recipient computing devices but may be independent from the content being protected or the particular bit sequence of the cryptographic key. Therefore, the settings for the proof-of-work can be selected before the content or cryptographic key is chosen, created, or modified. For example, in an encryption scenario the proof-of-work settings for wrapping a cryptographic key may be selected before, during, or after, the cryptographic key is generated or the content is encrypted. In addition, approximating the computing resources that will be consumed does not depend on the size, complexity, or location of the content that is being protected.

Another advantage of the proof-of-work key wrapping system may be to avoid relying on a third party service to verify whether the proof-of-work was successfully completed. Some proof-of-work systems may rely on other devices (e.g., trusted third parties) that are separate from the computer that is solving the proof of work puzzle. The separation may be used to help ensure that the data for checking the results is not exploited to make solving the computational puzzle easier. Requiring a separate device for checking the results may make the system more complex and/or vulnerable. The technology disclosed herein, in one example, may avoid the need for a separate checking device by enabling the verification to be self-authenticating. For example, when the results of the proof-of-work are incorrect the resulting key will not work and access will be prohibited.

Various aspects of the above referenced methods and systems are described in details herein below by way of examples, rather than by way of limitation. The examples provided below discuss a computing environment where recipient computing devices (e.g., host machines) have their computing resources verified via a proof-of-work key wrapping mechanism and the proof-of-work task may be configured before, during, or after the recipient computing devices or content are identified.

FIG. 1 illustrates an exemplary computing environment 100 in which implementations of the disclosure may operate. Computing environment 100 may include one or more computing devices at a single physical location (e.g., data center) or across multiple physical locations (e.g., different data centers). In one example, computing environment 100 may include content 102A-Z, a cryptographic key 104, one or more computing devices 110A-Z, and a network 150.

Content 102A-Z may be any intangible or tangible content that a computing device or user can be restricted from accessing using the technology disclosed herein. Intangible content may be digital content such as program data that cannot be touched by a human and may include data in one or more messages (e.g., packets, data frames, analog or digital signals), data storage objects (e.g., computer files, database records, arrays), other digital or analog resources, or a combination thereof. Tangible content may include resources that can be touched by a human and may include computer hardware, physical credentials (e.g., ID badges, licenses), paper documents, currency, other physical objects, or a combination thereof.

Cryptographic keys 104 and 106 may be any pieces of information that can be used to protect or enable a computing device to access a portion of content 102A-Z. Cryptographic keys 104, 106 may exist in a human readable form (e.g., passcode, password), a non-human readable form (e.g., digital token or digital certificate), other form, or a combination thereof. Cryptographic keys 104, 106 may be input to a cryptographic function, output of a cryptographic function, or a combination thereof. As shown in FIG. 1, cryptographic key 104 may be an access key that enables a computing device or user to access content and cryptographic key 106 may be used as a key for wrapping or unwrapping cryptographic key 104 to produce wrapped key 114. Cryptographic keys 104, 106 may be or include one or more encryption keys, wrap keys, decryption keys, session keys, transport keys, migration keys, authentication keys, authorization keys, digital certificates, integrity keys, verification keys, digital tokens, license keys, signatures, hashes, other data or data structure, or a combination thereof

Cryptographic keys 104, 106 and any number of other cryptographic keys may be used as part of a cryptographic system that provides privacy, integrity, authentication, authorization, non-repudiation, other features, or a combination thereof. Computing environment 100 may use a combination of multiple different cryptographic systems to implement the proof-of-work key wrapping. For example, one or more of the computing devices 110A-Z may use an asymmetric cryptographic system to perform an exchange of cryptographic key 104, cryptographic key 106, wrapped key 114, cryptographic attributes 116, other data, or a combination there of. The exchanged data may then be used to enable one or more of the recipient computing devices 110B-Z to derive cryptographic key 104 from wrapped key 114 in order to access or provide access to content 102A-Z. Example cryptographic systems are discussed in more detail in regards to encrypting component 115 of FIG. 2.

Computing devices 110A-Z may include one or more server devices (e.g., standalone servers or rack mounted servers), personal computers (e.g., desktops, workstations, laptops), mobile devices (e.g., phones, tablets, watches, key fobs, key cards), embedded systems (e.g., automation devices), other electrical or electromechanical device, or a combination thereof. Computing devices 110A-Z may be able to create, transmit, receive, or use one or more cryptographic keys to protect or access content. Computing device 110A may wrap cryptographic key 104 and computing devices 110B-D may unwrap and subsequently use cryptographic key 104 to access content. Each of the computing devices 110A-Z may include respective computing resources 111A-Z.

Computing resources 111A-Z may include one or more physical computing resources, virtual computing resources, or a combination thereof that can be used to perform a computing task. The computing task may be the proof-of-work task or another task that has been assigned. The other tasks may be the same or similar to a job, workload, service, function, operation, other task, or a combination thereof. Computing resources 111A-Z may include hardware resources, program resources, other resources, or a combination thereof. The hardware resources may include processor resources (e.g., processor speed, process architecture, number of CPU/GPU cores), storage resources (e.g., disk space, memory size), input/output (I/O) (e.g., networking I/O, processor I/O, memory I/O), other resources, or a combination thereof. The program resources may correspond to features of an application, operating system, hypervisor, kernel, other computing program, or a combination thereof. Computing resources 111A-Z may be determined (e.g., approximated, estimated, predicted) by computing device 110A and stored as characteristic data, which is discussed in more detail in regards to FIG. 2.

Computing device 110A may function as a device for managing the key wrapping and may select the settings used to configure the proof-of-work key wrapping. Computing device 110A may also or alternatively function as a scheduler of the tasks. In the example shown in FIG. 1, computing device 110A may select the cryptographic attributes and also wrap cryptographic key 104 in view of the selected cryptographic attributes. In other examples, computing device 110A may select cryptographic attributes 116 but one or more other devices may create the cryptographic key, wrap the cryptographic key, or a combination thereof. As shown in FIG. 1, computing device 110A may include a cryptographic attribute component 113, an encrypting component 115, and a data providing component 117. Cryptographic attribute component 113 may estimate the characteristics of a recipient computing device (e.g., one of computing devices 110B-D) and select at least one cryptographic attribute based on the characteristic of the recipient computing device. Encrypting component 115 may access the selected cryptographic attributes and wrap the cryptographic key 104 based on the selected cryptographic attribute. Data providing component 117 may provide the wrapped key 114 and details about one or more of the selected cryptographic attributes 116 to one of the computing devices 110B-Z (e.g., recipient computing devices).

Computing devices 110B-Z may function as host machines that can execute tasks provided by computing device 110A. Computing devices 110B-Z may have their computing resources verified using the tasks associated with the proof-of-work key wrapping (e.g., key breaching task), which may involve deriving cryptographic key 104 from wrapped key 114 without being provided the unwrapping key. In one example, computing devices 110B-Z may be referred to as recipient computing devices because they may be the recipient of a wrapped version of cryptographic key 104 (e.g., wrapped key 114) and a cryptographic attribute 116 (e.g., breaching hint). In another example, computing devices 110B-Z and may be referred to as host computing devices because they may host one or more computing tasks of a consumer. In yet another example, computing devices 110B-Z may also or alternatively be referred to as accessing devices because after deriving cryptographic key 104 from wrapped key 114 they may use cryptographic key 104 to access content 102A-Z (e.g., program data, task inputs). In any of these example, computing device 110B-Z may provide trusted execution environments 101A-C to execute the tasks (e.g., verification task and/or consumer task).

Trusted execution environments 101A-C may be secure areas within the respective computing devices and may guard data of a computing process from being accessed by other computing processes. The process may be a set of one or more computing processes, threads, or instruction streams and in one example it may be a set with a single process (e.g., user process) and in another example it may be a set of multiple processes (e.g., all processes of a particular virtual machine). The trusted execution environment may be provided by one or more processors coupled to a storage device (e.g., memory). The processor may guard data of the set of processes from being accessed by other processes that may be more or less privileged. For example, in a trusted execution environment a central processing processor (CPU) may guard data of a lower privileged process (e.g., user process or virtual machine process) from being accessed by a higher privileged process (e.g., kernel process or hypervisor process). The data being guarded may include executable data (e.g., code), non-executable data (e.g., input data or output data), other data, or a combination thereof. In some examples, trusted execution environments 101A-C may be provided by special instructions and features of the processor and may be the same or similar to Software Guard eXtensions (SGX)® provided by Intel®, Memory Encryption Technology provided by AMD® (e.g., Secure Encrypted Virtualization (SEV)®, Secure Memory Encryption(SME, SME-ES), TrustZone® provided by ARM®, other technology, or a combination thereof. In some or all of these examples, the processor may guard the data by establishing one or more encrypted memory regions 103A-C.

Each of the trusted execution environments 101A-C may include one or more trusted execution environment instances (e.g., TEE instances). An instance of the trusted execution environment may be established for a particular set of one or more processes and may be associated with a particular memory encrypted region. The instances of a trusted execution environment may be provided by the same hardware (e.g., processor and memory) but each instance may be associated with a different memory encrypted region and a different set of one or more processes (e.g., set including an individual process or set of all VM processes). As shown in FIG. 1, trusted execution environments 103A-C may be provided by a respective processors that may guard data associated with a particular instance using one or more encrypted memory regions 103A-C.

Encrypted memory regions 103A-C may be regions of memory that are assigned to a set of one or more processes and that store data in an encrypted form. The data may be encrypted and decrypted by hardware devices using cryptographic keys that are accessible to the hardware devices and may be inaccessible to processes executed by the hardware devices, this may be the same or similar to hardware based encryption, hardware level encryption, other term, or a combination thereof. The hardware devices may include one or more general purpose processors (e.g., CPUs), graphical processing units (GPUs), secure elements (SE), secure cryptoprocessors, memory controller, other integrated circuit, or a combination thereof.

The encrypted memory region may be a contiguous or non-contiguous portion of physical memory, virtual memory, logical memory, or other abstraction and may a portion of primary memory (e.g., main memory), auxiliary memory (e.g., solid state storage), adapter memory, other persistent or non-persistent storage, or a combination thereof. In one example, the encrypted memory region may be a portion of main memory associated with a particular process and the processor may encrypt the data when storing the data in the memory region and may decrypt the data when accessing the data in the memory region. The data in the memory region may be transformed (e.g., encrypted or decrypted) before, during, or after it is stored in or accessed from the memory region. The data may remain in an encrypted form while in the encrypted memory region and may or may not remain in an encrypted form when stored within the processor.

The encryption and decryption that occurs in regards to the encrypted memory region and the associated trusted execution environment may be separate from the proof of work key wrapping scheme. For example, the proof of work key wrapping scheme may be performed in the absence of the trusted execution environment but that may enable the recipient computing device to access data of the proof of work task to exploit the task. As discussed herein, the data of the proof of work task may be stored in the encrypted memory region and may be executed using the trusted execution environment. The data of the proof of work task may include the instructions (e.g., executable code, derivation program), the input data (e.g., wrapped key, breaching hints), output data (e.g., unwrap key, cryptographic key), other data, or a combination thereof. The results of the proof of work task may enable the respective computing devices 110B-Z to derive the cryptographic key 104 from the wrapped key 114 and to use the derived cryptographic key to access content.

The content being accessed by computing devices 110B-Z may be stored in the encrypted memory region 103, other local data storage (e.g., integrated or directly attached storage), remote storage (e.g., accessible over a network), other storage, or a combination thereof. For example, computing device 110C may use the unwrapped cryptographic key 104 to access content 102C that is stored locally, content 102Z on computing device 110Z, or content 102C stored remotely on data store 120. For example, computing device 110B may access content by using the unwrapped cryptographic key 104 to establish a communication channel 122 with a device that contains the content (e.g., data of document or program). Communication channel 122 may be initiated or established by computing device 110B, data store 120, another computing device, or a combination thereof. Communication channel 122 may involve one or more connections 124 that communicably couple computing device 110B with one or more other devices (e.g., data store 120 or computing device 110Z). Connection 124 may include one or more wired connections, wireless connections, or a combination thereof. Communication channel 122 may be associated with cryptographic key 104 and cryptographic key 104 may have been used to establish communication channel and/or to enhance one or more security features of a communication channel. The security features may enhance privacy, integrity, authentication, authorization, non-repudiation, other feature, or a combination thereof. Communication channel 122 may be a security enhanced connection that occurs at one or more levels of a networking stack and may be the same or similar to a connection based on a Transport Layer Security (TLS), Internet Protocol Security (IPSec), Virtual Private Network (VPN), Hyper Text Transfer Protocol Secure (HTTPS), other connection technology or protocol, or a combination thereof.

Communication channel 122 may be a network connection, a computer-to-computer connection, other connection, or a combination thereof. The network connection may be an indirect connection that traverses one or more network nodes (e.g., access points, switches, routers, or other networking infrastructure device) that communicably couple computing device 110A with one or more of computing devices 110B-Z. A computer-to-computer connection may be the same or similar to a peer-to-peer connection and may be a direct connection between computing device 110B and data store 120 or one of the computing device 110C-D (e.g., bluetooth connection, ad-hoc network connection). In one example, cryptographic key 104 may be a session key that is used to decrypt and/or encrypt data of content 102D. Content 102D may include data this is stored in an encrypted or non-encrypted form when on a remote device (e.g., data store 120) and may be transmitted over communication channel 122 in an encrypted form (e.g., doubly encrypted form). Computing device 110B may then receive the encrypted content and decrypt it using cryptographic key 104.

Computing device 110C may include or be coupled to a data storage device that stores content 102C. Content 102C may include one or more encrypted data storage objects, which may include file objects (e.g., encrypted files), database objects (e.g., databases, records, field values), other storage objects, or a combination thereof. Computing device 110C may provide computing device 110B with access to content 102C by transmitting data of content 102C (e.g., encrypted content) over an encrypted or non-encrypted communication channel. Computing device 110B may receive the data and decrypt the data using cryptographic key 104.

Network 150 may be a public network (e.g., the internet), a private network (e.g., a local area network (LAN) or wide area network (WAN)), or a combination thereof. In one example, network 150 may include a wired or a wireless infrastructure, which may be provided by one or more wireless communications systems, such as a wireless fidelity (WiFi) hotspot connected with the network 150 and/or a wireless carrier system that can be implemented using various data processing equipment, communication towers, etc.

FIGS. 2 and 3 are block diagrams illustrating a more detailed example of computing devices 110A and computing device 110B respectively, in accordance with one or more aspects of the present disclosure. FIG. 2 includes an exemplary computing device 110A that may function as a task scheduler and may include modules for configuring a proof-of-work key wrapping scheme. FIG. 3 includes an exemplary computing device 110B that may host tasks assigned by the task scheduler and may include modules that use a trusted execution environment to breach the wrapped key in view of the proof-of-work key wrapping scheme.

In regards to FIG. 2, the components, modules, or features discussed in regards to computing devices 110A may be consolidated to a single computing device (e.g., a device that selects settings and wraps the key) or may be spread across multiple computing devices (e.g., one device selects settings and one or more other devices create and wrap the key). In the example shown, computing device 110A may include a cryptographic attribute component 113, an encrypting component 115, and a data providing component 117, which may be the same or different as those illustrated in FIG. 1.

Cryptographic attribute component 113 may enable computing device 110A to identify and select cryptographic attributes that cause a proof-of-work task (e.g., breaching the wrapped key) to consume a particular quantity of computing resources. In one example, cryptographic attribute component 113 may include a characteristic determination module 210, a consumption determination module 212, and an attribute selection module 214.

Characteristic determination module 210 may enable computing device 110A to determine characteristics of another computing device that will execute the proof-of-work task (e.g., breaching the wrapped key). The computing device executing the proof-of-work task may be referred to as a recipient computing device, a host computing device, an intended computing device, a target computing device, other term, or a combination thereof. In one example, the recipient computing device may be unknown when selecting the cryptographic attributes. In another example, the recipient computing device may be known and may or may not be contacted to determine the characteristics. In either example, characteristic determination module 210 may determine the characteristics using one or more operations that approximate, estimate, predict, or extrapolate the characteristics of an intended recipient computing device. The operations may be based on current data (e.g., devices accessing content), historical data (e.g., past devices accessing content), advertising data (e.g., advertised resource specifications), contractual data (e.g., service agreements), device modeling data (e.g., average resources of a smart phone, laptop, workstation, server, supercomputer), user input, data extrapolated from scientific projections of future resource availability, other data, or a combination thereof. The determined characteristics of a recipient computing device may be stored in data storage 240 as characteristic data 242.

Characteristic data 242 may include values that correspond to one or more computing resources of a recipient computing device. As discussed above, the computing resources of a recipient computing device may include hardware resources, program resources, other resources, or a combination thereof and characteristic data 242 may describe, indicate, or represent these resources. The values of characteristic data 242 may include one or more measurements, numbers, characters, strings, labels, or other value that correspond to a time, quantity, and/or rate of one or more of the computing resource. For example, characteristic data may include or indicate on or more processor speeds (e.g., 8.4 GHz), processor types (e.g., CPU, GPU, FPGA, ASIC), processor architecture (x86, powerPC®, Sparc®, ARM®), number of processors (e.g., 1, 2, 16), number of cores (e.g., dual core, quad core), disk space, memory size, memory I/O, processor I/O, networking I/O, program version (e.g., kernel version, kernel module, application feature), graphics acceleration, encoding/decoding acceleration, encryption/decryption acceleration, other resource details, or a combination thereof.

Consumption determination module 212 may enable computing device 110A to determine the quantity of computing resources that the proof-of-work task should consume in order to accomplish an intended goal (e.g., resource verification or temporal delay). Consumption determination module 212 may perform one or more calculations on input values to determine one or more output values. The input values and/or output values may include one or more mathematical functions or numeric values related to time, quantity, rate, other metric, or a combination thereof. Consumption determination module 212 may use the input and/or outputs as variables in one or more equations, formulas, models, other representation, or a combination thereof. In one example, consumption determination module 212 may solve a set of one or more equations to determine one or more output values. For example, the inputs may include a duration of time T (e.g., number of seconds) and a rate R (e.g., operations per second) and consumption determination module 212 may use a variation of the equation Rate (R)=Quality (Q)/Time (T) to determine a particular quantity. The particular quantity may correspond to the amount of computing resources (e.g., total number of operations) that should be consumed to accomplish the intended goal.

The intended goal may vary depending on the use case for the proof-of-work key wrapping and may be to impose a delay, to verify computing characteristics, other goal, or a combination thereof. In one example, the intended goal may be to delay the recipient computing device from accessing content and consumption determination module 212 may receive data indicating an intended time duration (e.g., user input designating a two day delay). Consumption determination module 212 may derive a rate of a recipient computing device from characteristic data 242 (e.g., operations per second of processor) and use the intended time duration and rate to determine a quantity. The quantity may correspond to the amount of the computing resource that the proof-of-work task should consume in order to delay the recipient computing device for the corresponding time duration.

In another example, the intended goal may be to test characteristics of the recipient computing device. Consumption determination module 212 may receive input indicating an intended rate of the computing resource (e.g., advertised processor rate or memory capacity of a virtual machine). Consumption determination module 212 may use the input rate and derive a quantity of the computing resource that the proof-of-work task should consume. The derived quantity may be a function of time as opposed to a particular time duration and one or more time durations may be selected as a threshold, which is discussed in more detail below. One or more of the input values or output values may be stored as intended consumption data 244 in data storage 240 and used by attribute selection module 214.

Attribute selection module 214 may enable computing device 110A to select the cryptographic attributes that control the quantity of computing resources consumed by a recipient computing device to derive the cryptographic key from the wrapped key. Attribute selection module 214 may execute two different roles when configuring the proof-of-work key wrapping and the roles may be performed together or separately. The first role is for selecting cryptographic attributes to use to create and encrypt (e.g., wrap) the cryptographic key. The second role is to select cryptographic attributes to provide to the recipient computing device to derive (e.g., unwrap) the cryptographic key.

The cryptographic attributes selected for wrapping the cryptographic key may be the same or different from the cryptographic attributes provided to the recipient computing device for unwrapping the cryptographic key. In one example, there may be a set of cryptographic attributes selected to wrap the cryptographic key and one or more cryptographic attributes from the set may be provided to the recipient computing device to unwrap the wrapped key. In another example, one or more of the cryptographic attributes provided for unwrapping the key (e.g., cryptographic attributes 116) may be absent from the set of cryptographic attributes for wrapping the cryptographic key. In either example, the cryptographic attributes may affect the quantity of computing resources consumed to by the recipient computing device.

The cryptographic attributes may be included in sets that each include one or more cryptographic attributes. A cryptographic attribute may relate to or indicate a feature of a cryptographic function, cryptographic input, cryptographic output, other data, or a combination thereof. The cryptographic function may be a Key Derivation Function (KDF) discussed below and may access cryptographic input and generate cryptographic output. The cryptographic input may include a seed value, salt value, output size (e.g., bit length), other data, or a combination thereof. Some or all of the cryptographic input may be provided to the cryptographic function as separate parameters, combined parameters, or a combination thereof. A cryptographic attribute may indicate a feature of a key (e.g., seed length) or may be data for deriving the key (e.g., seed, nonce, key fragment, key share). Examples of cryptographic attributes may indicate the size of an access key (e.g., 512 bit access key), size of the wrapping/unwrapping key (e.g., 128 bit unwrapping key), size of input to derive the key (e.g., salt value), other data, or a combination thereof. The set of cryptographic attributes 116 may be the same or similar to cryptographic constraints, limitations, restrictions, controls, settings, configurations, parameters, inputs, outputs, indicators, suggestions, hints, clues, other term, or a combination thereof.

Attribute selection module 214 may select the set of cryptographic attributes based on the characteristics of the recipient computing device by analyzing the characteristic data 242, intended consumption data 244, other data, or a combination thereof. In one example, the selection of the cryptographic attributes is intended to cause the recipient computing device to consume a predetermined quantity of computing resources. In another example, the selection of the cryptographic attributes is intended to cause the recipient computing device to consume a predetermined quantity of time. In either example, attribute selection module 214 may access characteristic data 242 that indicates characteristics of computing resources of the recipient computing device. Attribute selection module 214 may then access the intended consumption data 244 that indicates the intended quantity of the computing resources that should be consumed to breach a wrapped key.

Attribute selection module 214 may then calculate and select one or more sets of cryptographic attributes 116 in view of characteristic data 242, intended consumption data 244, other data, or a combination thereof. For example, a first cryptographic attribute may correspond to a key length that has multiple length options (e.g., 32 bit, 64 bit, 128 bit, 256 bit, 512 bit, 1024 Bit). The larger the key length the more computing resources would typically be consumed to identify the correct key. A second cryptographic attribute may correspond to a cryptographic function that has multiple options (key derivation functions A, B, and C). Attribute selection module 214 may then determine the quantity of computing resources consumed for one or more candidate combinations and select a candidate combination (e.g., 64 bit, key derivation function B) that satisfies the quantity indicated by the intended consumption data 244. Satisfaction of the quantity may be the candidate combination that is closest, closest without going under, closest without going over, other variation, or a combination thereof

Encrypting component 115 may enable computing device 110A to encrypt data and the data may include content data, key data, or a combination thereof. Encrypting component 115 may use one or more keys to perform the encryption and a first key may be used to encrypt the content and a second key may be used to encrypt the first key (e.g., wrap the first key). The features of encrypting component 115 may be executed by the same computing device that selects the cryptographic attributes or may be executed by one or more different computing devices. In the example shown, encrypting component 115 may include a wrap key creation module 220, key obtaining module 222, a key encrypting module 224, and content encrypting module 226.

Wrap key creation module 220 may enable computing device 110A to create cryptographic key 106 for wrapping one or more other keys. Cryptographic key 106 may be used to encrypt a key and may be referred to as a wrap key, a wrapping key, an encryption key, or other term. Wrap key creation module 220 may create the wrap key in view of one or more of the selected cryptographic attributes 116, which may identify a cryptographic key function and one or more parameter values to use as input. The cryptographic key function may or may not incorporate a number generator (e.g., random or pseudo-random number generator) and the parameter values may include length data (e.g., 64bit length indicator), salt data (e.g., salt values), nonce data (e.g., nonce values), seed data (e.g., seed values), key data (e.g., key fragment, key share), other data, or a combination thereof.

The cryptographic key function may be the same or similar to a key generator function (e.g., keygen), a key derivation function (KDF), other cryptographic function, or a combination thereof. In one example, a key generator function may create the wrap key based on a key length value (e.g., 128 bit) and a salt value that are derived from the selected cryptographic attributes. In another example, a key generator function may be a key derivation function that derives the wrap key in view of cryptographic key material (e.g., base key, seed value, salt value, nonce value) and may cause the resulting wrap key to be related to the cryptographic key material (e.g., mathematically related keys). The key derivation function may involve key strengthening (e.g., key hardening), key stretching (e.g., key lengthening), other key modification, or a combination thereof. The key derivation function may or may not enhance the security of the key or adjust the length of the key to comply with a particular format (e.g., minimum key length). In further examples, cryptographic key function may be a Password-Based Key Derivation Function (e.g., PBKDF1, PBKEDF2) that repeatedly applies a Hash-based Message Authentication Code (HMAC) and one or more salt values to cryptographic input to produce a cryptographic key. In any of the above examples, the resulting wrap key may be stored in data storage 240 as cryptographic key 106.

Key obtaining module 222 may enable computing device 110A to obtain the cryptographic key used to access the content (e.g., cryptographic key 104) so that it can be wrapped using cryptographic key 106. In one example, key obtaining module 222 may obtain cryptographic key 104 by creating it in a manner that is the same or similar to the process discussed above in regards to cryptographic key 106. The creation of cryptographic key 104 may or may not be based on one or more of the selected cryptographic attributes 116 and may use the same or different cryptographic key functions (e.g., two different key derivation functions). In another example, key obtaining module 222 may obtain cryptographic key 104 from a remote source or a local source. The remote source may be a remote computing device that is accessible over a network. The remote computing device may be another computing device (e.g., certificate authority, domain controller) that associated with a user, company, or service associated with computing device 110. The local source may be local to computing device 110A and may be in close proximity to computing device 110A (e.g., NFC, RFID, Bluetooth), directly attached to computing device 110A (e.g., USB Smart Card), integrated within computing device 110A (e.g., hardware embedded key). In either example, cryptographic key 104 may be subsequently stored in data storage 240.

Key encrypting module 224 and content encrypting module 226 may enable computing device 110A to encrypt different types of data. Key encrypting module 224 may include features for encrypting one or more cryptographic keys (e.g., key encryption) and content encrypting module 226 may include features for encrypting content that the recipient computing device intends to access using the wrapped key (e.g., content encryption). The process of encrypting a cryptographic key may be referred to as key wrapping, key encapsulation, or other term and may involve encoding cryptographic key material of key into a wrapped key that masks or hides the cryptographic key material from the recipient of the wrapped key until it is decrypted (e.g., unwrapped, unencapsulated).

Module 224 and 226 may use the same or different cryptographic systems. For example, key encrypting module 224 may use a weaker cryptographic system (e.g., smaller key length) to enable wrapped keys to be breached and content encrypting module 226 may use a stronger cryptographic system (e.g., larger key length) to increase the cost of access to the content in the absence of the access key. The cryptographic systems may be the same or similar to a symmetric key cryptographic system, an asymmetric key cryptographic system, other cryptographic system, or a combination thereof.

A symmetric key cryptographic system may use the same cryptographic keys for encryption of plaintext and for decryption of ciphertext. The cryptographic keys used in a symmetric key cryptographic system may be referred to as symmetric keys and may be identical keys (e.g., copies of the same key) or there may be a simple transformation to go between keys of a symmetric key pair. The symmetric key cryptographic system may involve stream ciphers, block ciphers, other cipher, or a combination thereof. The stream ciphers may encrypt individual elements (e.g., digits, characters) of a message one at a time. Block ciphers may take a set of elements and encrypt them as a single unit and may or may not pad the resulting plaintext so that it is a multiple of a block size of n bits (e.g., 64 bit, 128 bit, 256 bit, 1024 bit). In one example, the symmetric key cryptographic system may use one or more key wrap constructions that wrap or encapsulate cryptographic key material. The constructions may be built from standard primitives such as block ciphers and cryptographic hash functions. In other examples, the symmetric key cryptographic system may be the same or similar to Advanced Encryption Standard (AES), Galois/Counter Mode (GCM), Triple Data Encryption Standard (3DES, TDES), International Data Encryption Algorithm (IDEA), Blowfish, Lattice-based cryptography, multivariate cryptography (e.g., rainbow scheme), super singular elliptic curve cryptography, super singular isogeny graphs cryptography, other cryptographic system, or a combination thereof

An asymmetric key cryptographic system may use different keys for encryption and decryption. A first key may be used to encrypt plaintext into ciphertext and a second key may be used to decrypt the ciphertext into plaintext. The first and second keys may be referred to as an asymmetric pair and may be different keys that may or may not be mathematically related. In one example, the asymmetric key cryptographic system may be a public key cryptographic system and the first key may be a public key and the second key may be a private key. The public key may be published and accessible to multiple computing devices and the private key may remain secret and accessible to one or more computing device associated with a particular entity (e.g., user). A public key cryptographic system may enable any device to encrypt data using the public key of a recipient computing device. The encrypted data may be decrypted with the recipient's private key. An advantage of asymmetric key cryptographic system is that it may avoid the need of a secure channel for an initial exchange of one or more cryptographic keys between the parties, which is often a challenge for symmetric cryptographic systems.

Data providing component 117 may enable computing device 110A to provide data for the proof-of-work key wrapping system to the recipient computing device to enable the recipient computing device to access protected content (e.g., confidential data, program data). The data being provided may be in the form of one or more data structures and may include one or more wrapped keys, cryptographic attributes, encrypted content, other data, or a combination there of Computing device 110A may provide the data to one or more recipient computing devices and the one or more recipient computing devices may be able to individually or collectively access the protected content as discussed in more detail in regards to FIG. 4-7. Computing device 110A may provide the data to the recipient computing device by either transmitting the data to the recipient computing device, by storing the data on a storage device that can be accessed by the recipient computing device, or by instructing one or more other devices to create, move, copy, or transmit data to the recipient computing device.

The data may be provided via one or more data structures that are transmitted over one or more transmission mediums. The transmission mediums may include one or more network connections, peer-to-peer connections, shared storage devices (e.g., USB drive, smart card), electronic mail, physical mail, other data transmission mechanism, or a combination thereof. The data structures may include one or more file system objects (e.g., file, directory, metadata), database objects (e.g., record, table, tuple), computer messages (e.g., network messages, email messages, text messages, instant messages, inter-process messages, interrupts, signals, other messages, or a combination thereof.

In the example shown in FIG. 2, data providing component 117 may include a wrapped key module 230, an attribute module 232, and a content module 234. Wrapped key module 230 may enable computing device 110A to provide one or more wrapped keys to recipient computing devices. In one example, a cryptographic key may be encoded as a single wrapped key and the single wrapped key may be provided to one or more recipient computing devices. In another example, a cryptographic key may be encoded in multiple wrapped keys and a portion of the cryptographic key may be included in each wrapped key (e.g., wrapped key fragment). In either example, wrapped key module 230 may provide the wrapped key 114 to at least one recipient computing device without providing a key to decrypt the wrapped key (e.g., no unwrapping key).

Attribute module 232 may include features that enable computing device 110A to provide one or more cryptographic attributes to enable the recipient computing device to derive a key from the wrapped key. The one or more cryptographic attributes provided to the recipient computing device may function as hints or clues that reduce the computational complexity of deriving cryptographic key 104 from the wrapped key 114. As discussed above, the cryptographic attributes provided to the recipient computing device may be from the set of selected cryptographic attributes used to wrap the key or may be a cryptographic attribute that is absent from the set. In either example, the one or more cryptographic attributes 116 provided to the recipient computing device may be based on or derived from the wrapped cryptographic key, a wrap key, an unwrap key, other data, a previously selected cryptographic key, or a combination thereof.

The cryptographic attribute may be provided to the recipient computing device with the wrapped key or provided separate from the wrapped key. In one example, providing the cryptographic attribute with the wrapped key may involve packaging them together in one or more data structures and providing them using one of the data transmission mediums (e.g., package 602 of FIG. 6). In another example, providing the cryptographic attribute separate from the wrapped key may involve storing them in separate data structures and sending them separately via the same transmission medium or different transmission mediums. In a further example, one or more of the cryptographic attributes (e.g., hints) may be embedded in the proof-of-work key wrapping protocol or the program implementing the protocol that is executing on the recipient computing device.

Content module 234 may enable computing device 110A to provide content 102 to recipient computing devices. Content 102 may be encrypted data that can be decrypted after the wrapped key 114 is unwrapped. As discussed above, content 102 may be provided with the wrapped key 114, cryptographic attribute 116, other data, or a combination thereof. Enabling the recipient computing device to derive cryptographic key 104 and access content 102 is discussed in more detail in regards to FIG. 3.

FIGS. 3 is block diagram illustrating a more detailed example of a computing device 110B that may host a task assigned by the task scheduler and may include modules that use a trusted execution environment to perform the proof-of-work tasks configured by computing device 110A of FIG. 2. The components, modules, and features discussed in regards to computing devices 110B may be consolidated to a single computing device (e.g., a single device that derives the key and uses it to access content) or may be spread across multiple computing devices (e.g., multiple device derive respective keys that are combined to enable access to the content).

Computing device 110B may receive data provided by one or more computing devices and may use the data to derive a cryptographic key to access content. The received data may include one or more wrapped keys 114, cryptographic attributes 116, content 102, other data, or a combination thereof. Computing device 110B may receive the data from the same source (e.g., computing device 110A) or from multiple different sources (e.g., computing device 110A and one or more local or remote data stores 120). Computing device 110B may store and process the data using a trusted execution environment 101, a key deriving component 310, and a content accessing component 320.

Trusted execution environment 101 may be the same or similar to the trusted execution environments 101A-C discussed in regards to FIG. 1. In the example shown in FIG. 3, computing device 110B may execute the features of key deriving component 310 within the trusted execution environment 101 and the features of content accessing component 320 may be executed by computing device 110B without using a trusted execution environment. In other examples, portions of both the key deriving component 310 and the content accessing component 320 may be executed within a trusted execution environment (e.g., both in the same trusted execution environment instance or in different trusted execution environments instances). In either example, trusted execution environment 101 may execute key deriving component 310 and may store in encrypted memory region 103 the instructions, input data, intermediate data, and/or output data of key deriving component 310. The instructions may be executable data or program data that get resolved to hardware instruction calls for executing the key derivation process. The input data may be the wrapped key 114, the verification data 344, one or more cryptographic attributes (e.g., breaching hints), other data, or a combination thereof. The intermediate data may be the candidate key data 342 (e.g., potential unwrapping keys) and the output data may include the derived cryptographic key output by key deriving component 310.

Key deriving component 310 may enable computing device 110B to derive one or more access keys from one or more wrapped keys 114. In one example, deriving the access key from wrapped key 114 may involve deriving an unwrap key that can be used to decrypt the wrapped key 114 and expose the access key. In another example, deriving the access key from wrapped key 114 may involve deriving the access key from wrapped key 114 without identifying the unwrap key. In general, the cryptographic attributes discussed above may be selected so that deriving the unwrap key for the wrapped key is less computationally intensive than deriving the access key from the wrapped key in the absence of the unwrap key (e.g., easier to guess the unwrap key then to guess the key that is wrapped). In the example of FIG. 3, key deriving component 310 may include a wrapped key receiving module 312, an attribute analysis module 314, a candidate generation module 316, and a verification module 318.

Wrapped key receiving module 312 may include features for receiving one or more wrapped keys 114. As discussed above, wrapped key 114 may be included in a data structure that is received over a transmission medium. In one example, wrapped key receiving module 312 may receive wrapped key 114 over a network connection. In another example, wrapped key receiving module 312 may receive the key from a local or remote source that stores the wrapped key and the content that will be accessed using the unwrapped key. In either example, wrapped key 114 may be received with one or more cryptographic attributes 116 that are packaged with the wrapped key or received separate from cryptographic attributes (e.g., different sources, transmission mediums, or data structures). In response to receiving wrapped key 114, wrapped key receiving module 312 may store wrapped key 114 and the one or more cryptographic attributes 116 in data storage 340.

Attribute analysis module 314 may analyze cryptographic attributes that are associated with wrapped key 114. In the above example, at least one of the cryptographic attributes may be received from another computing device as discussed above. In another example, one or more cryptographic attributes may be embedded in the proof-of-work key wrapping protocol or a program implementing the client side of the proof-of-work key wrapping protocol (e.g., protocol always uses a specific key length or key derivation function).

Attribute analysis module 314 may analyze the cryptographic attributes (e.g., hints) to facilitate deriving the cryptographic key from wrapped key 114. Facilitating the derivation may involve reducing the computational complexity of deriving the access key from wrapped key 114. In one example, the cryptographic attributes may facilitate the derivation by reducing the amount of computing resources consumed by a brute force attack to discover an unwrap key that successfully decrypts the wrapped key 114. Example cryptographic attributes may include an indication of a cryptographic key function (e.g., key derivation function), a key size (e.g., unwrap key length, access key length), cryptographic key material (e.g., salt value, nonce value, seed value), other data, or a combination thereof.

Candidate generation module 316 may enable computing device 110B to generate candidate key material that can be used to derive the cryptographic key from wrapped key 114. The candidate key material may be a candidate key, a portion of a candidate key (e.g., key fragment), data for generating a candidate key, other data, or a combination thereof. The data may be input for one or more cryptographic key functions (e.g., key derivation functions) that generate the candidate key as discussed above. In one example, candidate generation module 316 may generate a set of candidate keys and store the set as candidate key data 342.

Verification module 318 may analyze the candidate key data 342 to verify whether any of the candidate keys are correct. Verifying whether a candidate key is correct may involve executing a verification function using verification data 344. Verification data 344 may include a verification code (e.g., tag), program data (e.g., executable code to perform verification), configuration data (e.g., settings), other data, or a combination thereof. Verification data 344 may be included in the proof-of-work key wrapping client and/or provided with or included in wrapped key 114, cryptographic attribute 116, or content 102, or a combination thereof.

Verification module 318 may compare verification data 344 to other data to determine whether the candidate key is correct. The verification data may be a verification code that is the same or similar to an authentication tag, a message authentication code (MAC), other bit sequence, or a combination thereof. In one example, the verification code may be encrypted with the cryptographic key and therefore may be embedded in wrapped key 114. Verification module 318 may decrypt wrapped key 114 using the candidate key and compare the decrypted verification code to an expected value to determine whether the candidate key correctly decrypted wrapped key 114. In another example, the verification code may be encrypted with the content and therefore may be embedded in content 102. Verification module 318 may unwrap the wrapped key using the candidate key and then use the unwrapped key to decrypt the verification code and content 102. The verification code may be compared to an expected value to determine if the candidate key is correct. In either example, the verification process may also or alternatively involve Authenticated Encryption (AE), Authenticated Encryption with Associated Data (AEAD), Encrypt-then-Authenticate-Then-Translate (EAX), Encrypt-then-MAC(EtM), Encrypt-and-MAC (E&M), MAC-then-Encrypt (MtE), Key Wrap, Cipher Block Chaining MAC (CBC-MAC), Counter with CBC-MAC (CCM), EAX, other verification process, or a combination thereof.

Verification module 318 may analyze one or more candidate keys sequentially or in parallel until a candidate key that satisfies the validation process is identified. Verification module 318 may then use the identified candidate key (e.g., unwrap key) to derive cryptographic key 104 (e.g., the access key) from wrapped key 114 and store cryptographic key 104 in data storage 340. Cryptographic key 104 may be any cryptographic key material or bit sequence that enables computing device 110B to access protected content. In one example, cryptographic key 104 may be a decryption key, an authentication key, an authorization key, a signature key, a transport key, an integrity key, other key, or a combination thereof

Content accessing component 320 may enable computing device 110B to use cryptographic key 104 after it is unwrapped to enable access to access controlled content (e.g., encrypted program data). The process of enabling access may then involve decrypting the content, establishing a connection to access the content, authenticating a user or device, other mechanism, or a combination thereof. Enabling access may involve providing the unwrapped version of cryptographic key 104 as input to a cryptographic function. The cryptographic function may be the same or similar to the cryptographic function discussed above and may include one or more encryption/decryption functions, authentication functions, authorization functions, verification functions, integrity functions, non-repudiation functions, hash functions, other functions, or a combination thereof.

The cryptographic function may be executed on computing device 110B, on one or more other computing devices, or a combination thereof. In one example, computing device 110B may execute the cryptographic function locally using cryptographic key 104A. In another example, the cryptographic function may be executed by another computing device using cryptographic key 104. In either example, content accessing component 320 may perform or cause one or more operations to provide, establish, facilitate, allow, permit, arrange, or enable access to content 102. This may cause content 102 to be available to computing device 110B or to a user of computing device 110. In the example shown in FIG. 3, content accessing component 320 may include an initiation module 322, decryption module 324, a connection module 326, and an authentication module 328.

Initiation module 322 may enable computing device 110B to process a request to access the content. The request may be manually or automatically initiated based on input from a user, scheduler, management device, load balancer, other input, or a combination thereof. In one example, the proof-of-work key wrapping task may be manually or automatically initiated in response to receiving a scheduled task.

Decryption module 324 may enable computing device 110B to decrypt content 102 using cryptographic key 104. Cryptographic key 104 may be a symmetric key for encrypting and decrypting data of content 102. The data may include encrypted message data, encrypted file data, encrypted database data, other data, or a combination thereof. The symmetric key used by the computing device 110B may be wrapped before, during, or after content 102 is encrypted and may or may not be identical to the symmetric key used to encrypt the content.

Connection module 326 may enable computing device 110B to establish a communication channel using cryptographic key 104. The communication channel may be the same or similar to the communication channel 122 of FIG. 1 and may enable communication with another device (e.g., data store or computing device). Establishing the communication channel may involve using the cryptographic key 104 to authenticate the computing device by authenticating or authorizing a user, process, device, interface, address, port, socket, other computing structure, or a combination thereof. Establishing the communication channel may also or alternatively involve using the cryptographic key to verify message content received over the communication channel. In one example, cryptographic key 104 may include a session key and the processing device may use the session key to establish a communication channel (e.g., TLS or IPSec connection) for accessing the content.

Authentication module 328 may enable computing device 110B to use cryptographic key 104 to authenticate with one or more other computing devices. Cryptographic key 104 may function as a token or signature and authentication module 328 may initiate an authentication process and may provide the cryptographic key 104 with a request or response message.

Encrypted memory region 103 may include primary storage (e.g., volatile or non-volatile memory), secondary storage (e.g., hard drive, solid state drive), network storage (e.g., network attached storage (NAS), storage area network (SAN), cloud storage), other data storage, or a combination thereof.

FIG. 4 is a block diagram illustrating a computing environment 400 that may use a proof-of-work key wrapping system discussed above to verify computing characteristics of a computing device that will host consumer code or configurations. The technology may be used to ensure that computing resources of a host computing device are capable of providing a threshold level of performance. This may be accomplished by configuring the proof-of-work key wrapping system with cryptographic attributes that target characteristics of the computing resources of a host computing device (e.g., recipient computing device). As discussed above, the selection of the cryptographic attributes may cause the process of breaching the wrapped key to consume a particular quantity of computing resources. By further incorporating a time determination feature the technology can determine how long the breach takes and therefore calculate a rate of the computing resources (e.g., rate (R)=quantity (Q)/time (T)).

The rate of the computing resources may be used to quantify the performance of the computing resources and may be compared to one or more threshold values (e.g., predetermined threshold values) to detect whether the recipient computing device satisfies the threshold value. The threshold value may be based on a value advertised by a provider of computing resources or a minimum rate requested by a consumer of the computing resource. For example, the threshold value may be a value corresponding to speed, capacity, bandwidth, other performance metric, or a combination thereof (e.g., processor speed, memory size, and network bandwidth). The threshold value may correspond to a cloud computing device (e.g., host machine), a distributed computing device (e.g., edge computing node), an end user device (e.g., smart phone, laptop), internet of things device (e.g., smart speaker), other computing device, or a combination thereof

In the example shown in FIG. 4, computing environment 400 may include computing devices 110A-Z (e.g., different types of hosts), a data store 120, and a network 150 that may be the same or similar to the corresponding entities in FIG. 1. Computing device 110A may function as a task scheduler and may configure the proof-of-work key wrapping system and the one or more computing devices 110B-Z may function as hosts to execute tasks 105 (e.g., proof of work task or schedule job).

Computing device 110A may configure the proof-of-work key wrapping system by selecting cryptographic attributes and wrapping cryptographic keys in view of the cryptographic attributes. Computing device 110A may configure the proof-of-work key wrapping system using key splitting, key thresholding, individual keys, integrated keys, other features, or a combination thereof as discussed below in regards to FIG. 5, 6A, 6B, and 7. The wrapped cryptographic keys may be provided to a recipient computing device to enable the recipient computing device to access content 102 (e.g., program data). Computing device 110A may include a cryptographic attribute component 113, an encrypting component 115, and a data providing component 117, which may be the same or similar to the components discussed in regards to FIGS. 1-2. Cryptographic attribute component 113 may select one or more sets of cryptographic attributes to control the quantity of computing resources consumed by the proof-of-work key wrapping system. For example, selecting different options for key lengths, salt values, or cryptographic functions affect the quantity of computing resources a recipient computing device consumes to derive the cryptographic key from the wrapped key. As discussed above in regards to FIG. 2, the cryptographic attributes in a single set may be selected to cause the recipient computing device to consume a particular quantity of computing resources to derive a single key. Multiple sets of cryptographic attributes may be selected when the recipient computing devices is deriving multiple keys (e.g., multiple keys for unwrapping the access key).

Deriving multiple keys using the multiple cryptographic attribute sets may result in smoothing out statistical variations. This enables the computing resources that are actually consumed to derive a key to be closer to the approximated amount and further from the best case and worst case scenarios, as discussed below in regards to FIGS. 6A-6B. The use of multiple sets of cryptographic attributes may also enable the proof-of-work key wrapping system to verify different characteristics of the recipient computing device. The process of deriving each key may function as a computational puzzle that is customized to verify a particular characteristic of the recipient computing device. The characteristics may relate to any of the computing resources and may relate to one or more hardware resources, program resources, other resources, or a combination thereof. For example, cryptographic attribute component 113 may identify n sets of cryptographic attributes (e.g., 3 sets) that will each be used to enable the recipient computing device to derive a different key. A first set of cryptographic attributes may result in a computational puzzle that focuses on a first characteristic (e.g., brute force attack that is processor intensive), the second set of cryptographic attributes may result in a computational puzzle that focuses on a second characteristic (e.g., brute force attack that is memory intensive), and the third set may result in a computational puzzle that focuses on a third characteristic (e.g., brute force attack that is I/O intensive).

If the recipient computing device is able to derive all three keys (e.g., solve all the computational puzzles) in a predetermined duration of time then it may indicate the recipient computing device satisfies the minimum threshold for each of the three characteristics being verified. As such, the technology can be used to verify the characteristics of the recipient computing device satisfy one or more performance and/or capacity thresholds. The computational puzzles can be configured to focus on any one or more characteristics discussed above in regards to characteristic data 242 of FIG. 2 or elsewhere in this application. In one example, if the recipient computing device fails satisfying one of the groups of characteristics it may attempt to satisfy another one of the groups to qualify.

The proof-of-work key wrapping system may be configured to use independent keys, integrated keys, or a combination thereof to verify the characteristics of the recipient computing device. The use of independent keys may enable the recipient computing device to perform each of the derivation processes in parallel which may make it harder to approximate the computing resources consumed or the threshold time. To enhance the predictability and consistency the proof-of-work key wrapping system may use integrated keys which will stop the one or more recipient computing devices from performing the key derivation in parallel and cause the key derivation to be done serially (sequentially, not concurrently).

The proof-of-work key wrapping system may be configured to use key thresholding to verify the characteristics of the recipient computing device (e.g., satisfies at least 2 of the 3 characteristics). For example, the proof-of-work key wrapping system may be configured to include different computational puzzles that test different characteristics of the recipient computing device but a recipient computing device may be sufficient if it solves a threshold number of the computational puzzles without solving all the computation puzzles. This may involve using proof-of-work key wrapping system of FIG. 5, 6A, or 6B and the key thresholding may be configured so that a subset of the keys can be derived without deriving all keys (e.g., derive 2 of the 3 keys within the threshold period of time). Extending the example discussed above, there may be multiple sets of cryptographic attribute sets (e.g., three sets) that correspond respectively to multiple different characteristics that are being verified (e.g., three characteristics). When the recipient computing device satisfies any two of those characteristics it can used the resulting two keys (e.g., key shares) to decrypt the cryptographic key and use it to access the data.

The key thresholding for the proof-of-work key wrapping may be further extended to test alternative groups of characteristics and satisfaction of at least one of the groups enables the recipient computing device to qualify (e.g., device passes test). Each group of characteristics may include one or more characteristics and a first group may include a first characteristic (e.g., GPU speed above threshold) and a second group may include a second and third characteristics (e.g., CPU speed above threshold and memory capacity above threshold). The recipient computing device may satisfy either group within the predetermined amount of time to qualify as being verified. In one example, if the recipient computing device may fail to satisfy one of the groups of characteristics (e.g., GPU missing or insufficient) and it may satisfy another one of the groups (e.g., CPU and memory are sufficient).

Content 102 may include program data that the recipient computing device can execute but the program data may remain un-executable until the recipient computing device derives the access key. Content 102 may be the same or similar to content 102A-Z of FIG. 1 and may include program data for one or more computer programs, virtual machine images, container images, other executable data structures, or a combination thereof. The program data may include executable data (e.g., machine code), non-executable data (e.g., configuration data, settings files), other data, or a combination thereof. The program data may be stored in an encrypted memory region and guarded by a trusted execution environment but may or may not be executed by the trusted execution environment (e.g., stored in TEE but executed outside of a TEE). The instance of the trusted execution environment that is guarding the program data may be the same or different from the TEE instance executing the proof-of-work task. In either example, the program data may originate from a remote data store and may be stored in data store 120.

Data store 120 may function as a data repository (e.g., program repository, image repository) and may include program data for one or more programs. Data store 120 may be the same as the data store 120 of FIG. 1 and may be local to the recipient computing device or remote from the recipient computing device. The program data may be stored in data store 120 as one or more data storage objects (e.g., files, records). In one example, the program data may stored in a package 402 with the wrapped key 114, cryptographic attribute 116, other data or a combination thereof.

The program data may include a condition checking function 403 that may be executed after the recipient computing device has gained access to the program data. Condition checking function 403 may be a portion of program data that enables the recipient computing device to check that a condition is satisfied. The condition may be related to whether the recipient computing device was able to derive the key within a predetermined duration of time. Checking the condition may involve determining a duration of time associated with key derivation and comparing the duration of time to an expected value (e.g., predetermined threshold time). Condition checking function 403 may determine the time duration by checking time data that includes one or more current times, past times, future times, or a combination thereof. The time data may be derived from a device time (e.g. system time, processor time), storage object time (e.g., file access time, creation time modification time, execution time), process or thread time (e.g., initiation time, aggregate execution time, termination time), other time data, or a combination thereof.

The time data may be analyzed to identify a time duration or analyzed to identify multiple times that may be compared to determine the time duration. For example, a first time may correspond to a time the key derivation began (e.g., start time for proof-of-work key wrapping task) and may be based on a time before, during, or after the recipient computing device accesses the wrapped key 114, the cryptographic attribute 116, or a combination thereof. A second time may correspond to the time the key derivation completed and may be based on a time before, during, or after the recipient computing device accesses, modifies, or executes program data. Condition checking function 403 may compare the first time and the second time to determine a time duration and may adjust the times or duration to more accurately reflect the duration of time consumed by the key derivation process. For example, the duration of time may be reduced to account for the amount of time it takes to use the access key to access program data. Accessing program data may be the same as accessing content (e.g., content accessing component 320 of FIG. 1-2) and may involve data decryption, connection establishment, or device authentication. The times may also or alternatively be adjusted in view of time associated with instantiating, deploying, initializing, configuring, other operation, or a combination thereof. Condition checking function 403 may then use the adjusted or unadjusted time to determine whether the condition is satisfied. Based on the output of condition checking function 403, the program data may perform one or more actions.

The actions performed by the program data may include one or more operations and may depend on whether the condition was satisfied. The action may involve terminating a program, providing a signal indicating the condition (e.g., fail message), disabling a feature, enabling a feature, other action, or a combination thereof. In one example, program data may be a computer program and in response to the status of the condition the computing program may terminate execution (e.g., exit) or continue execution (e.g., proceed). Terminating execution may involve terminating itself or another process executing on the recipient computing device or another device. In another example, programming data may include instructions for providing a signal (e.g., message, indicator) from the recipient computing device to another device to indicate a status of the condition (e.g., satisfied or unsatisfied). The signal may be provided to a management device that configured the proof-of-work key wrapping or to another device that manages the program data (e.g., provisioning server, deployment server, installation server, load balancer, etc.).

Computing devices 110X-Z provide example recipient computing devices that may execute programming data within trusted execution environments (not shown). Each of the computing device 110X-Z may correspond to at least one physical processing device that is capable of executing one or more computing operations. The term “computing device” may refer to a physical machine, a virtual machine, a container, or a combination thereof. Computing devices 110X-Z may provide one or more levels of virtualization for executing program data and the levels may include hardware level virtualization, operating system level virtualization, other virtualization, or a combination thereof. The hardware level virtualization may involve a hypervisor (e.g., virtual machine monitor) that emulates portions of a physical system and manages one or more virtual machines. In contrast, operating system level virtualization may include a single operating system kernel that manages multiple isolated virtual containers. Each virtual container may share the kernel of the underlying operating system without requiring its own kernel.

Computing device 110X is an example of a computing device that provides hardware level virtualization. Computing device 110X may execute a hypervisor 432 that provides hardware resources to one or more virtual machines 434. Hypervisor 432 may be any program or combination of programs and may run directly on the hardware (e.g., bare-metal hypervisor) or may run on or within a host operating system (not shown). The hypervisor may be the same as a virtual machine monitor and may manage and monitor various aspects of the operations of the computing device, including the storage, memory, and network interfaces. The hypervisor may abstract the physical layer hardware features such as processors, memory, and I/O devices, and present this abstraction as virtual devices to a virtual machine 434 executing a guest operating system 436.

Guest operating system 436 may be any program or combination of programs that are capable of managing computing resources of virtual machine 434 and/or computing device 110X. Guest operating system 436 may include a kernel comprising one or more kernel space programs (e.g., memory driver, network driver, file system driver) for interacting with virtual hardware devices or physical hardware devices. In one example, guest operating system 436 may include Linux®, Solaris®, Microsoft Windows®, Apple Mac®, other operating system, or a combination thereof.

Computing device 110Y may be similar to computing device 110X and may provide operating system level virtualization by running a computer program that provides computing resources to one or more containers 431A-B. Operating system level virtualization may be implemented within the kernel of operating system 433 and may enable the existence of multiple isolated containers. In one example, operating system level virtualization may not require hardware support and may impose little to no overhead because programs within each of the containers may use the system calls of the same underlying operating system 433. This may enable computing device 110Y to provide virtualization without the need to provide hardware emulation or be run in a virtual machine (e.g., intermediate layer) as may occur with hardware level virtualization. Operating system level virtualization may provide resource management features that isolate or limit the impact of one container (e.g., container 431A) on the resources of another container (e.g., container 431B).

The operating system level virtualization may provide a pool of computing resources that are accessible by container 431A and are isolated from one or more other containers (e.g., container 431B). The pool of resources may include file system resources (e.g., particular file system state), network resources (e.g., particular network interfaces, sockets, addresses, or ports), memory resources (e.g., particular memory portions), other computing resources, or a combination thereof. The operating system level virtualization may also limit (e.g., isolate) a container's access to one or more computing resources by monitoring the container's activity and restricting the activity in view of one or more limits. The limits may restrict the rate of the activity, the aggregate amount of the activity, or a combination thereof. The limits may include one or more of file system limits, disk limits, input/out (I/O) limits, memory limits, CPU limits, network limits, other limits, or a combination thereof.

Operating system 433 may include an operating system virtualizer that may provide containers 431A-B with access to computing resources. The operating system virtualizer may wrap one or more processes (e.g., of a particular service) in a complete file system that contains the code, runtime, system tools, system libraries, and other data present on the node (e.g., a particular file system state) that can be used by the processes executing within the container. In one example, the operating system virtualizer may be the same or similar to Docker® for Linux® or Windows®, ThinApp® by VMWare®, Solaris Zones® by Oracle®, other program, or a combination thereof In one example, the operating system virtualization may support and automate the packaging, deployment, and execution of applications inside containers (e.g., Open Shift®).

Each of the containers 431A-B may refer to a resource-constrained process space of computing device 110Y that can execute functionality of the program data. Containers 431A-B may be referred to as user-space instances, virtualization engines (VE), or jails and may appear to a user as a standalone instance of the user space of operating system 433. Each of the containers 431A-B may share the same kernel but may be constrained to use only a defined set of computing resources (e.g., CPU, memory, I/O). Aspects of the disclosure can create one or more containers to host a framework or provide other functionality of a service (e.g., web application functionality, database functionality) and may therefore be referred to as “service containers” or “application containers.”

Pod 435 may be a data structure that is used to organize one or more containers 431A-B and enhance sharing between the containers, which may reduce the level of isolation between containers within the same pod. Each pod may include one or more containers that share some computing resources with another container associated with the pod. Each pod may be associated with a unique identifier, which may be a networking address (e.g., IP address), that allows applications to use ports without a risk of conflict. A pod may be associated with a pool of resources and may define a volume, such as a local disk directory or a network disk and may expose the volume to one or more (e.g., all) of the containers within the pod. In one example, all of the containers associated with a particular pod may be co-located on the same computing device 110Y. In another example, the containers associated with a particular pod may be located on different computing devices that are on the same or different physical machines.

Network 150 may be a public network (e.g., the internet), a private network (e.g., a local area network (LAN) or wide area network (WAN)), or a combination thereof. In one example, network 150 may include a wired or a wireless infrastructure, which may be provided by one or more wireless communications systems, such as a wireless fidelity (WiFi) hotspot connected with the network 150 and/or a wireless carrier system that can be implemented using various data processing equipment, communication towers, etc.

FIG. 5 is a block diagram that illustrate an example proof-of-work key wrapping system 500 that uses a set of multiple keys to replace the access key, the wrap key, the wrapped access key, or other key. The use of multiple keys may smooth out statistical variations that arise when attempting to approximate the amount of computing resources consumed by the proof-of-work key wrapping scheme. Approximating the amount of time or computing resources consumed to derive the cryptographic key may be a statistical operation that results in a statistical approximation. The statistical approximation may be an expected value that corresponds to an average consumption and the actual amount of computing resources consumed for a particular instance consumed may vary between a best case scenario and worst case scenario. For example, deriving the cryptographic key from the wrapped key may involve an exhaustive key search to identify the unwrapping key (e.g., brute force attack). The best case scenario may occur when the first candidate key is the unwrapping key and the worst case scenario may occur when the last candidate key is the unwrapping key. To smooth out the statistical variations, the technology may use more keys. The increase in the number of keys will increase the probability that the actual results will be closer to the expected average value and farther from the best and worst case scenarios. This enables the technology to implement a proof-of-work key wrapping mechanism that is more predictable and consistent in the amount of computing resources that are actually consumed in each instance.

Proof-of-work key wrapping system 500 may increase the number of keys being used by replacing one or more of the access key, the wrap key, the wrapping function, or the resulting wrapped key with corresponding sets. For example, the access key (e.g., cryptographic key 104) may be replaced with a set of access keys (e.g., cryptographic keys 104A-C), the wrap key (e.g., cryptographic key 106) may be replaced with a set of wrap keys (e.g., cryptographic keys 106A-C), and the resulting wrapped key 114 may be replaced by a set of wrapped keys 114A-C. The wrap function (e.g., key encrypting module 224) may remain the same or may be replaced by a set of wrap functions as shown (e.g., key encrypting modules 224-C). Each wrap key in the set may be used to encrypt a respective access key to produce the set of wrapped keys (e.g., wrapped keys 114A-C). The set of keys being wrapped (e.g., cryptographic keys 104A-C) may be the same or similar to key fragments, key shares, key parts, key portions, key segments, other term, or a combination thereof. The computing device performing the wrapping may use a different wrap key to wrap each of the key shares. For example, cryptographic key 106A-C (e.g., wrap keys) may be provided as input to one or more key encrypting modules (e.g., 224 or 224A-C) to wrap cryptographic keys 104A-C and produce wrapped keys 114A-C.

[000113] The use of multiple keys may affect the computing device configuring the key wrapping (e.g., computing device 110A of FIG. 2) and the computing device breaching the wrapped key (e.g., computing device 110B of FIG. 3). To account for the multiple keys, the technology may select and provide multiple sets of cryptographic attributes as opposed to a single set of cryptographic attributes. Each set of cryptographic attributes may be selected by a device configuring the proof-of-work key wrapping and may be provided to a device performing the proof-of-work key wrapping task (e.g., guessing the key). Each set of cryptographic attributes may correspond to one or more unwrap keys and may be used to create the wrapping key to perform the wrapping or to derive the unwrap key to perform unwrapping. The process of selecting and providing the data for multiple keys may be the same discussed above in regards to selecting and providing data for a single key. Each of the keys in a respective set may be used individually to perform a cryptographic task (e.g., encrypt/decrypt, wrap/unwrap) or may be combined together to perform the task. The keys in a set may be independent from one another or may be integrated with one another as discussed below in regards to FIGS. 6A and 6B.

FIG. 6A and FIG. 6B are block diagrams that illustrate processes executed by a recipient computing device to derive a set of keys. As discussed above, the set of keys may correspond to the access key, wrap key, wrapped key, or a combination thereof. In one example, the technology may replace the access key (cryptographic key 104) with a set of multiple keys (e.g., key fragments) that are each individually wrapped. The resulting wrapped keys (e.g., wrapped key fragments) may be provided to a recipient computing device and the recipient computing device may derive a key to unwrap each of the wrapped keys. In another example, the technology may replace the unwrapping key instead of or in addition to replacing the access key being wrapped. In this example, a single wrap key may be used to wrap and unwrap the access key and it may be replaced by a set of multiple unwrap keys. The unwrap keys in the set may be subsequently combined to unwrap the wrapped key (e.g., produce the original wrap/unwrap key). In either example, a key may be replaced by a set of keys by either using key splitting or key formation. The key splitting may involve generating an original key and then splitting the original key into fragments. The key fragments may then be combined to produce the original key. Key formation may involve creating the key fragments that can be subsequently combined without first creating the combined key. As used throughout this application, the term key may be a general term that corresponds to any portion of key material (e.g., bit sequence) that is used as input to a cryptographic function. The term key may correspond to an entire key, a fragment of a key (e.g., key portion, key part, key piece, key element, key unit, key share, key shard), a combined key (e.g., aggregate key, composite key, combination key, merged key), other bit sequence, or a combination thereof. A key fragment may be an example of a key and is used in discussing FIG. 6A and 6B. Any use of the term key fragment or key share may be replaced with key without changing the concepts discussed.

The set of unwrapping keys may include unwrapping keys that are integrated with one another or may contain unwrapping keys that are independent from one another. A set of unwrapping keys that are integrated with one another may include an unwrapping key that is mathematically related to another key and is derived from another unwrapping key in the set. For example, at least one unwrapping key in the set may be generated by providing one or more of the other unwrapping keys in the set as input to a key derivation function. A set that includes unwrapping keys that are independent from one another (e.g., non-integrated) may include unwrapping keys that are all independent from one another and no key may be derived using another key of the set as input. In either example, one or more of the wrapped keys may be derived using the same cryptographic key function, different cryptographic key functions, or a combination thereof.

FIG. 6A and FIG. 6B provide examples of a proof-of-work key wrapping system that uses multiple keys to unwrap one or more wrapped keys. FIG. 6A includes example recipient computing device 600 that can derive a set of independent keys in parallel (e.g., concurrently, simultaneously). FIG. 6B includes an example recipient computing device 650 that can derive a set of integrated keys serially (e.g., sequentially). The integrated keys may be designed to stop the recipient computing device from deriving all of the keys in parallel because the input of at least one of the key deriving components includes the output key of a key deriving component. In either example, the recipient computing device may use the resulting derived keys for unwrapping a wrapped key. FIG. 6A and 6B also illustrate how the resulting derived unwrapping keys may be used individually for unwrapping portions of an access key or may be combined and the combined key may be used to unwrap the access key.

In the examples shown in FIGS. 6A and 6B, each recipient computing device 600 and 650 may derive cryptographic keys106A-C in parallel or serially using the one or more key deriving components 310A-C and one or more cryptographic attribute sets 116A-C. In the examples shown, a single recipient computing device may derive each one of the cryptographic keys 106A-C. In other examples, multiple recipient computing devices may collectively derive cryptographic keys 106A-C and each of the multiple recipient computing devices may derive one or more of cryptographic keys 106A-C.

Cryptographic attribute sets 116A-C may each include one or more cryptographic attributes for deriving a cryptographic key. The cryptographic attributes in sets 116A-C may be the same or similar to the cryptographic attributes 116 of FIG. 1-3. Some of the cryptographic attributes in sets 116A-C may the same between sets and some of the cryptographic attributes in sets 116A-C may be different between sets. In one example, each of the cryptographic attribute sets 116A-C may be different and used to derive a different cryptographic key. In another example, two or more of the cryptographic attribute sets 116A-C may be the same and combined with other data (e.g., output of cryptographic key function and/or nonce) to derive different cryptographic keys using key deriving component 310A-C.

Key deriving components 310A-C may be the same or similar to key deriving component 310 of FIG. 3 and may include key generation features and the key verification features discussed above. In one example, each of key deriving components 310A-C may use the same cryptographic key function (e.g., key derivation function). In other examples, key deriving components 310A-C may use different cryptographic key functions. In either example, the cryptographic key function used by a respective key deriving component may be indicated by one of the cryptographic attributes, a proof-of-work protocol, a client program implementing the proof-of-work protocol, other data, or a combination thereof.

Key deriving components 310A-C of both FIG. 6A and FIG. 6B may take cryptographic attribute sets 116A-C as input and output cryptographic keys 106A-C. One or more of the key deriving components of FIG. 6B may also take as input integration data 616 from one or more key deriving components. The integration data 616 may be from an earlier iteration of the key deriving component, from another instance of the same key deriving component, output from a different key deriving component (e.g., on the same or different device), other variation, or a combination thereof. In the example shown in FIG. 6B, key deriving component 310A may receive cryptographic attribute set 116A that includes a key length (e.g., 128 bit size), a salt value (e.g., 0×1010), a nonce (e.g., 11110000), other data, or a combination thereof. Key deriving component 310A may then try multiple different candidate keys until it identifies cryptographic key 106A, which satisfied the verification function. Cryptographic key 106A may then be stored and cryptographic key 106A and cryptographic attribute set 116B may be provided to key deriving component 310B as separate input (e.g., different parameters or sources) or as combined input (e.g., same parameter). Key deriving component 310B may then try multiple different candidate keys that are based on cryptographic key 106A (e.g., mathematically related) until it identifies cryptographic key 106B, which satisfies the corresponding verification function. Cryptographic key 106B may then be stored and provided as input to key deriving component 310C. In one example, key deriving component 310C may take as input one or more of the previously derived cryptographic keys (e.g., cryptographic key 106A or both cryptographic keys 106A and 106B). This process may be repeated for each subsequent key deriving component (not shown) to identify any subsequent cryptographic keys (not shown).

[000121] Each of the cryptographic keys 106A-C of FIG. 6A and 6B may be the same or similar to cryptographic key 106 of FIG. 1-3 and may be used to unwrap one or more wrapped access keys. In FIG. 6A, each of the derived cryptographic keys 106A-C may be used to unwrap a different wrapped key. For example, the access key may have been split and each fragment of the access key may have been individually wrapped and each of cryptographic keys 106A-C may be used to unwrap a respective individually wrapped fragment of the access key. In FIG. 6B, each of the derived cryptographic keys 106A-C may be a fragment of an unwrapping key and cryptographic keys 106A-C may be combined to create cryptographic key 106 that can be used to unwrap the wrapped access key.

The proof-of-work key wrapping system discussed above may be further enhanced to use key thresholding. Key thresholding may enable a recipient computing device to access content without deriving all of the keys in a set. For example, the set of keys may include n keys (e.g., 7 keys) and the recipient computing device may derive a subset of the keys (e.g., 3 keys) and the subset of keys may be used together to enable the recipient computing device to access content. The subset of keys may be combined into a combined key to access the content even though one or more keys of the set are unknown to the recipient computing device. The keys in the subset may be provided to a cryptographic function individually as separate inputs or combined and provided as a single combined input. Any of the proof-of-work key wrapping systems discussed herein may implement key thresholding by replacing the access key, the wrap key, the resulting wrapped key, or a combination thereof with a corresponding set. The keys used for key thresholding may be referred to as key shares and may be the same or similar to key fragments, key parts, key portions, key segments, other term, or a combination thereof. A subset of the keys (e.g., only first and last key share) may enable the recipient computing device to access content and all or a subset of the keys in the set may be encrypted and provided to the recipient computing device. Therefore, as soon as the one or more recipient computing devices derive enough keys to satisfy the minimum number of keys (e.g., threshold) they may be used to access the content.

The computing device that configures the proof-of-work key wrapping may wrap each key using a different wrap key to produce different wrapped keys (e.g., wrapped key shares). For example, cryptographic key 106A-C (e.g., wrap keys) may be provided as input to key encrypting module 224A-C to wrap cryptographic keys 104A-C and produce wrapped keys 114A-C. In other examples, proof-of-work key wrapping system may apply key thresholding to the access key (e.g., cryptographic key 104), to the unwrap key (e.g., cryptographic key 106), to other key material, or a combination thereof.

FIGS. 5, 6A, and 6B provide multiple different enhancements that can be used interchangeably in the examples discussed above and can be used individually or combination to increase the number of keys the recipient computing device needs to derive in order to access data. The enhancements may include key splitting and/or key thresholding and may be applied to the access key, unwrap key, other key, or a combination thereof. In the examples discussed in regards to FIG. 1, there may be a single access key (cryptographic key 104) that is encrypted and can be decrypted using a single unwrap key (cryptographic key 106). The multiple enhancements discussed above enable the proof-of-work key wrapping system to replace the access key, unwrap key, or both with a set of keys that work in combination with one another (e.g., key fragments). For example, key thresholding may be used to replace the access key with a set of access keys (e.g., access key shares) that can be individually wrapped and provided to one or more recipient computing devices. The keys used to unwrap each wrapped key may be split to produce multiple corresponding sets of unwrap key fragments. Each key fragment may correspond to a set of cryptographic attributes (e.g., hints) that may be provided to a recipient computing device with the wrapped key shares so that the recipient computing device and derive and combine the key shares to access the content controlled using the proof-of-work key wrapping system.

By applying these enhancements a proof-of-work key wrapping system may use a large number of keys that may need to be derived. Extending the example discussed above, the access key may be replaced by a set of A keys (e.g., 8 access key fragments/shares) that are each individually wrapped and correspond to a single unwrap key (e.g., fragments of an aggregate unwrap key). Each of the unwrap keys may be replaced by a set of B keys (e.g., 4 unwrap key shares). As a result, the recipient computing device may need to derive up to A×B keys (e.g., 32 key fragments) to derive the original access key (cryptographic key 104). If key thresholding is applied to both sets then the number may be reduced. For example, there may be a threshold for the access key set (T_(a)) (e.g., 50% of the set) and a threshold for the unwrap key set (T_(b)) (e.g., 75% of set). This will result in the recipient computing device needing to derive a minimum of [A×T_(a)]×[B×T_(b)] keys (e.g., minimum of 12 of the 32 key shares). These keys may be integrated or independent and may be collectively derived by one or more recipient computing devices in parallel or serially according to the above examples.

As discussed above, the technology disclosed herein may increase the number of keys in multiple ways. In one example, the technology may split the cryptographic key into multiple keys (e.g., key fragments) that are each individually wrapped. The resulting wrapped keys (e.g., wrapped key fragments) may be provided to a recipient computing device with cryptographic attributes (e.g., hints for breaching each wrapped key) and the recipient computing device may derive the unwrapping key for each of the wrapped keys. In another example, the technology may split the unwrapping key instead of or in addition to splitting the cryptographic key being wrapped. The unwrapping key may be replaced with a set of unwrapping keys. In this situation, a single wrapped key may be provided to the recipient computing device along with cryptographic attributes for each unwrapping key in the set (e.g., hints for each unwrap key fragment). The cryptographic attributes may enable the recipient computing device to derive each of the multiple unwrapping keys and the multiple unwrapping keys may be combined and used to unwrap the wrapped key.

The cryptographic key or unwrapping key discussed throughout this application may be a set of keys and multiple keys of the set may be combined to enable access to the restricted content. The keys in the set may be the same or similar to key fragments, key shares, key segments, key parts, other term, or a combination thereof. Two or more of the keys in the set may be combined and provided as a single input or as separate inputs to a cryptographic function. In one example, all of the keys in a set may be used together and if one or more of the keys in the set are unknown to the recipient computing device the recipient computing device may be unable to access the content. In another example, a subset of the keys in the set may be used together even though one or more keys in the set are unknown. In the latter example, the minimum quantity of keys in the subset may need to satisfy a threshold number before access is enabled (e.g., key thresholding). For example, a set may include seven keys (n=7) and the threshold may be configured to be the integer value three (t=3) and if the subset has at least three of the seven keys, the content may be accessible (e.g., t of n).

FIGS. 7 and 9 depict flow diagrams of illustrative methods for verifying computing resources using a proof-of-work key wrapping system, in accordance with one or more aspects of the present disclosure. The methods and each of their individual functions, routines, subroutines, or operations may be performed by one or more processors of a computer device executing the method. In certain implementations, an example method may be performed by a single computing device. Alternatively, an example method may be performed by two or more computing devices and each of the computing devices may execute one or more individual functions, routines, subroutines, or operations of the method.

For simplicity of explanation, the example methods of this disclosure are depicted and described as a series of acts. However, acts in accordance with this disclosure can occur in various orders and/or concurrently, and with other acts not presented and described herein. Furthermore, not all illustrated acts may be required to implement the methods in accordance with the disclosed subject matter. In addition, those skilled in the art will understand and appreciate that the methods could alternatively be represented as a series of interrelated states via a state diagram or events. Additionally, it should be appreciated that the methods disclosed in this specification are capable of being stored on an article of manufacture to facilitate transporting and transferring such methods to computing devices. The term “article of manufacture,” as used herein, is intended to encompass a computer program accessible from any computer-readable device or storage media. The example methods may be performed by computing devices 110A-Z of FIG. 1, other computing device, or a combination thereof.

Referring to FIG. 7, example method 700 may be depicted as a flow diagram and involve using a proof-of-work key wrapping system to verify device capabilities, in accordance with one or more aspects of the present disclosure. Method 700 may be executed by one or more processing devices of a client device or server device and may begin with block 702. At block 702, a processing device may access a wrapped key and a cryptographic attribute for the wrapped key from an encrypted memory region. The wrapped key encodes a cryptographic key and the cryptographic attribute may include a cryptographic attribute of a cryptographic key used to generate the wrapped key. In one example, the cryptographic attribute may include one or more of a key length, a key derivation function, or a salt value. In one example, the processing device may provide a trusted execution environment (TEE) that comprises the encrypted memory region and the processing device may use the trusted execution environment to execute the instructions and to store the derived cryptographic key. The encrypted memory region may include an enclave that stores data that is encrypted and decrypted using cryptographic keys that are accessible to the processing device and are inaccessible to all processes executed by the processing device.

At block 704, the processing device may derive the cryptographic key in view of the wrapped key and the cryptographic attribute. The deriving may consume computing resources for a particular duration of time. Deriving the cryptographic key may involve deriving the cryptographic key from the wrapped key without being provided a key to unwrap the wrapped key. In one example, deriving the cryptographic key may involve generating and verifying a plurality of candidate cryptographic keys for unwrapping the wrapped key in view of the cryptographic attribute.

At block 706, the processing device may use the cryptographic key to access program data. The program data may include executable data of at least one of a computer program, a virtual machine image, or a container image. In one example, the program data may be accessible over a connection and using the cryptographic key to access the program data may involve establishing the connection using the cryptographic key. In another example, the program data may be encrypted and using the cryptographic key to access the program data may involve decrypting the program data in view of the cryptographic key. The encrypted version of the program data and the wrapped key may or may not be packaged together.

At block 708, the processing device may execute the program data. The executed program data may evaluate one or more conditions related to the duration of time of the derivation. The duration of time for deriving the cryptographic key may or may not satisfy a predetermined minimum threshold value which may correspond directly to a speed of the computing resources.

At block 710, the processing device may transmit a message comprising an indication of the condition. Transmitting the message may involve transmitting a message to a device that generated the wrapped key and the message may indicate that the deriving of the cryptographic key in view of the wrapped key occurred within a predetermined minimum threshold time. Responsive to completing the operations described herein above with references to block 710, the method may terminate.

FIG. 8 depicts a block diagram of a computer system 800 operating in accordance with one or more aspects of the present disclosure. Computer system 800 may be the same or similar to computing device 110A of FIG. 2 or computing device 110B of FIG. 3, and may include one or more processing devices and one or more memory devices. In the example shown, computer system 800 may include an attribute accessing module 810, a key deriving module 820, an access module 830, a program execution module 840, and a message transmitting module 850.

Attribute accessing module 810 may enable a processing device to access a wrapped key and a cryptographic attribute for the wrapped key from an encrypted memory region. The wrapped key encodes a cryptographic key and the cryptographic attribute may include a cryptographic attribute of a cryptographic key used to generate the wrapped key. In one example, the cryptographic attribute may include one or more of a key length, a key derivation function, or a salt value. In one example, the processing device may provide a trusted execution environment (TEE) that comprises the encrypted memory region and the processing device may use the trusted execution environment to execute the instructions and to store the derived cryptographic key. The encrypted memory region may include an enclave that stores data that is encrypted and decrypted using cryptographic keys that are accessible to the processing device and are inaccessible to all processes executed by the processing device.

Key deriving module 820 may enable the processing device to derive the cryptographic key in view of the wrapped key and the cryptographic attribute. The deriving may consume computing resources for a particular duration of time. Deriving the cryptographic key may involve deriving the cryptographic key from the wrapped key without being provided a key to unwrap the wrapped key. In one example, deriving the cryptographic key may involve generating and verifying a plurality of candidate cryptographic keys for unwrapping the wrapped key in view of the cryptographic attribute.

Access module 830 may enable the processing device to use the cryptographic key to access program data. The program data may include executable data of at least one of a computer program, a virtual machine image, or a container image. In one example, the program data may be accessible over a connection and using the cryptographic key to access the program data may involve establishing the connection using the cryptographic key. In another example, the program data may be encrypted and using the cryptographic key to access the program data may involve decrypting the program data in view of the cryptographic key. The encrypted version of the program data and the wrapped key may or may not be packaged together.

Program execution module 840 may enable the processing device to execute the program data. The executed program data may evaluate one or more conditions related to the duration of time of the derivation. The duration of time for deriving the cryptographic key may or may not satisfy a predetermined minimum threshold value which may correspond directly to a speed of the computing resources.

Message transmitting module 850 may enable the processing device to transmit a message comprising an indication of the condition. Transmitting the message may involve transmitting a message to a device that generated the wrapped key and the message may indicate that the deriving of the cryptographic key in view of the wrapped key occurred within a predetermined minimum threshold time.

Referring to FIG. 9, example method 900 may be depicted as a flow diagram and involve using a proof-of-work key wrapping system to verify device capabilities, in accordance with one or more aspects of the present disclosure. Method 900 may be executed by one or more processing devices of a client device or server device and may begin with block 902.

At block 902, a processing device may receive, for a computing device, a wrapped key and a cryptographic attribute for the wrapped key. The wrapped key encodes a cryptographic key and the cryptographic attribute may include a cryptographic attribute of a cryptographic key used to generate the wrapped key. In one example, the cryptographic attribute may include one or more of a key length, a key derivation function, or a salt value.

At block 904, the processing device may store instructions, the wrapped key and the cryptographic attribute in an encrypted memory region. In one example, the processing device may provide a trusted execution environment (TEE) that comprises the encrypted memory region and the processing device may use the trusted execution environment to execute the instructions and to store the derived cryptographic key. The encrypted memory region may include an enclave that stores data that is encrypted and decrypted using cryptographic keys that are accessible to the processing device and are inaccessible to all processes executed by the processing device.

At block 906, the processing device may derive the cryptographic key in view of the wrapped key and the cryptographic attribute. The deriving may consume computing resources for a particular duration of time. Deriving the cryptographic key may involve deriving the cryptographic key from the wrapped key without being provided a key to unwrap the wrapped key. In one example, deriving the cryptographic key may involve generating and verifying a plurality of candidate cryptographic keys for unwrapping the wrapped key in view of the cryptographic attribute.

At block 908, the processing device may use the cryptographic key to access program data. The program data may include executable data of at least one of a computer program, a virtual machine image, or a container image. In one example, the program data may be accessible over a connection and using the cryptographic key to access the program data may involve establishing the connection using the cryptographic key. In another example, the program data may be encrypted and using the cryptographic key to access the program data may involve decrypting the program data in view of the cryptographic key. The encrypted version of the program data and the wrapped key may or may not be packaged together.

At block 910, the processing device may execute the program data. The executed program data may evaluate one or more conditions related to the duration of time of the derivation. The duration of time for deriving the cryptographic key may or may not satisfy a predetermined minimum threshold value which may correspond directly to a speed of the computing resources.

At block 912, the processing device may transmit a message comprising an indication of the condition. Transmitting the message may involve transmitting a message to a device that generated the wrapped key and the message may indicate that the deriving of the cryptographic key in view of the wrapped key occurred within a predetermined minimum threshold time. Responsive to completing the operations described herein above with references to block 912, the method may terminate.

FIG. 10 depicts a block diagram of a computer system operating in accordance with one or more aspects of the present disclosure. In various illustrative examples, computer system 1000 may correspond to computing device 110A-Z of FIG. 1, computing device 110A of FIG. 2, or computing device 110B of FIG. 3. Computer system 1000 may be included within a data center that supports virtualization. Virtualization within a data center results in a physical system being virtualized using virtual machines to consolidate the data center infrastructure and increase operational efficiencies. A virtual machine (VM) may be a program-based emulation of computer hardware. For example, the VM may operate based on computer architecture and functions of computer hardware resources associated with hard disks or other such memory. The VM may emulate a physical environment, but requests for a hard disk or memory may be managed by a virtualization layer of a computing device to translate these requests to the underlying physical computing hardware resources. This type of virtualization results in multiple VMs sharing physical resources.

In certain implementations, computer system 1000 may be connected (e.g., via a network, such as a Local Area Network (LAN), an intranet, an extranet, or the Internet) to other computer systems. Computer system 1000 may operate in the capacity of a server or a client computer in a client-server environment, or as a peer computer in a peer-to-peer or distributed network environment. Computer system 1000 may be provided by a personal computer (PC), a tablet PC, a set-top box (STB), a Personal Digital Assistant (PDA), a cellular telephone, a web appliance, a server, a network router, switch or bridge, or any device capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that device. Further, the term “computer” shall include any collection of computers that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methods described herein.

In a further aspect, the computer system 1000 may include a processing device 1002, a volatile memory 1004 (e.g., random access memory (RAM)), a non-volatile memory 1006 (e.g., read-only memory (ROM) or electrically-erasable programmable ROM (EEPROM)), and a data storage device 1016, which may communicate with each other via a bus 1008.

Processing device 1002 may be provided by one or more processors such as a general purpose processor (such as, for example, a complex instruction set computing (CISC) microprocessor, a reduced instruction set computing (RISC) microprocessor, a very long instruction word (VLIW) microprocessor, a microprocessor implementing other types of instruction sets, or a microprocessor implementing a combination of types of instruction sets) or a specialized processor (such as, for example, an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), a digital signal processor (DSP), or a network processor).

Computer system 1000 may further include a network interface device 1022. Computer system 1000 also may include a video display unit 1010 (e.g., an LCD), an alphanumeric input device 1012 (e.g., a keyboard), a cursor control device 1014 (e.g., a mouse), and a signal generation device 1020.

Data storage device 1016 may include a non-transitory computer-readable storage medium 1024 on which may store instructions 1026 encoding any one or more of the methods or functions described herein, including instructions for implementing method 700 or 900 and for encoding components 312, 314, 316, and 318 of FIGS. 3.

Instructions 1026 may also reside, completely or partially, within volatile memory 1004 and/or within processing device 1002 during execution thereof by computer system 1000, hence, volatile memory 1004 and processing device 1002 may also constitute machine-readable storage media.

While computer-readable storage medium 1024 is shown in the illustrative examples as a single medium, the term “computer-readable storage medium” shall include a single medium or multiple media (e.g., a centralized or distributed database, and/or associated caches and servers) that store the one or more sets of executable instructions. The term “computer-readable storage medium” shall also include any tangible medium that is capable of storing or encoding a set of instructions for execution by a computer that cause the computer to perform any one or more of the methods described herein. The term “computer-readable storage medium” shall include, but not be limited to, solid-state memories, optical media, and magnetic media.

Other computer system designs and configurations may also be suitable to implement the system and methods described herein. The following examples illustrate various implementations in accordance with one or more aspects of the present disclosure.

The methods, components, and features described herein may be implemented by discrete hardware components or may be integrated in the functionality of other hardware components such as ASICS, FPGAs, DSPs or similar devices. In addition, the methods, components, and features may be implemented by firmware modules or functional circuitry within hardware devices. Further, the methods, components, and features may be implemented in any combination of hardware devices and computer program components, or in computer programs.

Unless specifically stated otherwise, terms such as “determining,” “deriving,” “encrypting,” “creating,” “generating,” “using,” “accessing,” “executing,” “obtaining,” “storing,” “transmitting,” “providing,” “establishing,” “receiving,” “identifying,” “initiating,” or the like, refer to actions and processes performed or implemented by computer systems that manipulates and transforms data represented as physical (electronic) quantities within the computer system registers and memories into other data similarly represented as physical quantities within the computer system memories or registers or other such information storage, transmission or display devices. Also, the terms “first,” “second,” “third,” “fourth,” etc. as used herein are meant as labels to distinguish among different elements and may not have an ordinal meaning according to their numerical designation.

Examples described herein also relate to an apparatus for performing the methods described herein. This apparatus may be specially constructed for performing the methods described herein, or it may comprise a general purpose computer system selectively programmed by a computer program stored in the computer system. Such a computer program may be stored in a computer-readable tangible storage medium.

The methods and illustrative examples described herein are not inherently related to any particular computer or other apparatus. Various general purpose systems may be used in accordance with the teachings described herein, or it may prove convenient to construct more specialized apparatus to perform method 300 and/or each of its individual functions, routines, subroutines, or operations. Examples of the structure for a variety of these systems are set forth in the description above.

The above description is intended to be illustrative, and not restrictive. Although the present disclosure has been described with references to specific illustrative examples and implementations, it will be recognized that the present disclosure is not limited to the examples and implementations described. The scope of the disclosure should be determined with reference to the following claims, along with the full scope of equivalents to which the claims are entitled. 

What is claimed is:
 1. A method comprising: accessing, by a processing device, a wrapped key that encodes a cryptographic key; executing, by the processing device in a trusted execution environment, instructions to derive the cryptographic key in view of the wrapped key, wherein the executing to derive the cryptographic key comprises a task that consumes computing resources for a duration of time; using the cryptographic key to access program data; executing, by the processing device, the program data, wherein the executed program data evaluates a condition related to the duration of time; and transmitting a message comprising an indication of the evaluated condition.
 2. The method of claim 1, wherein transmitting the message comprises transmitting a message over a network to a scheduling device that generated the wrapped key, wherein the message indicates that the deriving of the cryptographic key in view of the wrapped key occurred within a predetermined minimum threshold time.
 3. The method of claim 1, wherein the processing device establishes the trusted execution environment (TEE) and the TEE comprises an encrypted memory region, and wherein the processing device uses the trusted execution environment to execute the instructions and to store the derived cryptographic key in the encrypted memory region.
 4. The method of claim 3, wherein the encrypted memory region comprises an enclave that stores data that is encrypted and decrypted using cryptographic keys that are accessible to the processing device and are inaccessible to any processes executed by the processing device.
 5. The method of claim 3, wherein the encrypted memory region comprises data that is accessible to a virtual machine in a decrypted form and is inaccessible to a hypervisor in the decrypted form.
 6. The method of claim 1, further comprising accessing, by the processing device, a cryptographic attribute of a cryptographic key used to generate the wrapped key, wherein the cryptographic attribute indicates one or more of a key length, a key derivation function, or a salt value.
 7. The method of claim 1, wherein deriving the cryptographic key comprises generating a plurality of candidate cryptographic keys for unwrapping the wrapped key.
 8. The method of claim 1, wherein the program data comprises executable data of at least one of a computer program, a virtual machine image, or a container image.
 9. The method of claim 1, wherein the wrapped key and an encrypted version of the program data are packaged together.
 10. The method of claim 1, wherein the duration of time for deriving the cryptographic key satisfies a predetermined minimum threshold value and corresponds to a speed of the computing resources.
 11. The method of claim 1, wherein the program data is encrypted and wherein using the cryptographic key to access the program data comprises decrypting the program data in view of the cryptographic key.
 12. A system comprising: a memory; and a processing device communicably coupled to the memory, the processing device to: access a wrapped key that encodes a cryptographic key; execute instructions using a trusted execution environment to derive the cryptographic key in view of the wrapped key, wherein the executing to derive the cryptographic key comprises a task that consumes computing resources for a duration of time; use the cryptographic key to access program data; execute the program data, wherein the executed program data evaluates a condition related to the duration of time; and transmit a message comprising an indication of the evaluated condition.
 13. The system of claim 12, wherein the processing device transmits the message over a network to a scheduling device that generated the wrapped key, and wherein the message indicates that the deriving of the cryptographic key in view of the wrapped key occurred within a predetermined minimum threshold time.
 14. The system of claim 12, wherein the processing device establishes the trusted execution environment (TEE) and the TEE comprises an encrypted memory region, and wherein the processing device uses the trusted execution environment to execute the instructions and to store the derived cryptographic key in the encrypted memory region.
 15. A non-transitory machine-readable storage medium storing instructions which, when executed, cause a processing device to perform operations comprising: receiving a wrapped key that encodes a cryptographic key; storing the wrapped key in an encrypted memory region of a trusted execution environment; executing, by a processing device using the trusted execution environment, instructions to derive the cryptographic key in view of the wrapped key, wherein the executing the instructions to derive the cryptographic key comprises a task that consumes computing resources for a duration of time; using the cryptographic key to access program data; executing, by the processing device, the program data, wherein the executed program data evaluates a condition related to the duration of time; and transmitting a message comprising an indication of the evaluated condition.
 16. The non-transitory machine-readable storage medium of claim 15, wherein transmitting the message comprises transmitting a message over a network to a scheduling device that generated the wrapped key, wherein the message indicates that the deriving of the cryptographic key in view of the wrapped key occurred within a predetermined minimum threshold time.
 17. The non-transitory machine-readable storage medium of claim 15, wherein the processing device establishes the trusted execution environment (TEE) and the TEE comprises an encrypted memory region, and wherein the processing device uses the trusted execution environment to execute the instructions and to store the derived cryptographic key in the encrypted memory region.
 18. The non-transitory machine-readable storage medium of claim 17, wherein the encrypted memory region comprises an enclave that stores data that is encrypted and decrypted using cryptographic keys that are accessible to the processing device and are inaccessible to any processes executed by the processing device.
 19. The non-transitory machine-readable storage medium of claim 17, wherein the encrypted memory region comprises data that is accessible to a virtual machine in a decrypted form and is inaccessible to a hypervisor in the decrypted form.
 20. The non-transitory machine-readable storage medium of claim 15, wherein the operations further comprise receiving a cryptographic attribute of a cryptographic key used to generate the wrapped key, wherein the cryptographic attribute indicates one or more of a key length, a key derivation function, or a salt value. 